Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/63586974-b35a-4b49-953d-2bcf6d3fd94e.roa
File:                     63586974-b35a-4b49-953d-2bcf6d3fd94e.roa (raw, json)
Hash identifier:          MiP+83/PxAp3zCoFv8pvqDVt3g1NprjnPgbMZoUtW6c=
Subject key identifier:   6D:B7:1A:01:FE:A1:90:B2:72:EB:9E:35:A4:83:42:8A:6A:35:A6:57
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4CFCDF750CF8173E8AA84E7C12AC88223F2C6A8F
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/63586974-b35a-4b49-953d-2bcf6d3fd94e.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f000:8000::/39 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:fc:df:75:0c:f8:17:3e:8a:a8:4e:7c:12:ac:88:22:3f:2c:6a:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=67350a5390b6788fe1b2c3827e3410ece0940ebd173c50332b65ae8f0204fb11, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:1f:c2:91:5b:ae:a0:54:ce:cc:fd:9e:5c:a2:
                    20:96:74:61:e6:54:c3:b4:ba:46:b2:c2:da:43:7d:
                    f4:07:96:bb:d6:e4:0d:43:dc:bb:ab:de:6f:84:a8:
                    87:12:f1:f9:ae:5a:94:2b:0a:cf:a4:bb:75:5a:8c:
                    a8:e3:e1:11:e3:f2:61:3f:fa:59:4a:6e:8d:d4:3e:
                    3b:66:4d:9b:d8:d7:f0:bc:61:48:80:d5:8e:cc:76:
                    6e:aa:d4:9e:8b:a6:f9:b4:09:1f:80:da:95:f5:70:
                    38:45:9a:86:a0:4e:ce:66:66:c4:43:3b:2f:23:65:
                    a0:b8:ef:2f:54:11:bd:49:e6:f0:79:40:23:23:de:
                    70:e7:06:a3:e4:15:28:5d:d5:d9:6d:cb:6f:d4:87:
                    9f:15:66:08:01:74:97:9e:fe:4a:9d:34:ea:3a:36:
                    74:40:7d:41:6a:1b:84:af:5a:48:10:3e:2b:28:3a:
                    a8:15:73:28:56:7f:61:2e:25:58:72:a2:2a:cb:d8:
                    bb:a2:5e:88:1c:bc:70:c6:e6:d4:7f:24:96:08:b9:
                    75:72:d6:c5:3d:47:73:69:5a:40:fb:0b:95:22:95:
                    db:5e:7d:c0:d6:f5:fd:c1:bc:ed:18:c7:90:bb:42:
                    f4:31:98:05:44:31:65:a0:9d:b3:5c:0e:2a:f2:56:
                    a6:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:B7:1A:01:FE:A1:90:B2:72:EB:9E:35:A4:83:42:8A:6A:35:A6:57
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/63586974-b35a-4b49-953d-2bcf6d3fd94e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f000:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         6b:2d:7d:0e:0a:a3:df:73:ff:ae:c6:af:c5:fb:10:10:b8:53:
         b4:97:b6:b4:ff:cd:4c:ab:1c:f8:48:80:83:aa:54:32:60:05:
         37:68:19:c4:01:fa:45:c3:4b:af:bf:66:34:a6:25:69:9c:11:
         55:e5:0a:48:b8:3b:37:9f:df:98:e6:73:d8:70:dc:f9:02:33:
         81:d2:eb:96:67:a5:b0:54:3f:37:f0:df:d8:19:26:f9:23:8b:
         f2:08:37:69:32:81:d9:22:b9:a7:c2:0c:91:a9:7f:ec:0b:c6:
         46:68:fa:13:ec:21:fe:bf:7e:e3:f5:99:93:e0:5a:bb:9b:03:
         51:7f:14:8c:40:b4:90:63:d6:6b:45:a8:dd:42:d1:79:01:69:
         28:49:8e:86:e9:dc:55:51:46:0d:83:76:26:3e:03:22:c7:f3:
         99:5e:d9:ea:39:c8:14:6d:ac:b1:8c:24:e3:9b:ad:42:41:37:
         15:59:f3:a1:95:01:f7:cd:4f:6f:6d:12:26:ca:a2:8a:c7:8d:
         9c:2b:1c:7b:9a:29:6f:30:0e:b4:70:31:9c:ab:b4:9f:de:ce:
         19:6d:8a:b8:83:c0:a6:62:86:76:b6:e1:b8:77:28:d3:c6:18:
         3d:09:cf:a0:9f:75:b2:39:9b:e3:67:e0:20:92:61:a3:3b:2b:
         20:a9:a4:b8
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTPzfdQz4Fz6KqE58EqyIIj8sao8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NzM1MGE1MzkwYjY3ODhmZTFiMmMzODI3ZTM0MTBlY2Uw
OTQwZWJkMTczYzUwMzMyYjY1YWU4ZjAyMDRmYjExMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyH8KRW66gVM7M/Z5coiCWdGHmVMO0ukaywtpDffQHlrvW
5A1D3Lur3m+EqIcS8fmuWpQrCs+ku3VajKjj4RHj8mE/+llKbo3UPjtmTZvY1/C8
YUiA1Y7Mdm6q1J6Lpvm0CR+A2pX1cDhFmoagTs5mZsRDOy8jZaC47y9UEb1J5vB5
QCMj3nDnBqPkFShd1dlty2/Uh58VZggBdJee/kqdNOo6NnRAfUFqG4SvWkgQPiso
OqgVcyhWf2EuJVhyoirL2LuiXogcvHDG5tR/JJYIuXVy1sU9R3NpWkD7C5Uildte
fcDW9f3BvO0Yx5C7QvQxmAVEMWWgnbNcDiryVqYVAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUbbcaAf6hkLJy6541pINCimo1plcwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzYzNTg2OTc0LWIzNWEtNGI0OS05NTNkLTJiY2Y2ZDNmZDk0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAPAAgDANBgkqhkiG9w0BAQsFAAOCAQEAay19Dgqj33P/rsavxfsQELhT
tJe2tP/NTKsc+EiAg6pUMmAFN2gZxAH6RcNLr79mNKYlaZwRVeUKSLg7N5/fmOZz
2HDc+QIzgdLrlmelsFQ/N/Df2Bkm+SOL8gg3aTKB2SK5p8IMkal/7AvGRmj6E+wh
/r9+4/WZk+Bau5sDUX8UjEC0kGPWa0Wo3ULReQFpKEmOhuncVVFGDYN2Jj4DIsfz
mV7Z6jnIFG2ssYwk45utQkE3FVnzoZUB981Pb20SJsqiiseNnCsce5opbzAOtHAx
nKu0n97OGW2KuIPApmKGdrbhuHco08YYPQnPoJ91sjmb42fgIJJhozsrIKmkuA==
-----END CERTIFICATE-----